The original creator and developer of Malwarebytes is a long time MR forum user. After he developed the app for several years, he sold the app, if I am not mistaken to the current company.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
How safe is malwarebytes for Mac?
- Thread starter Silly John Fatty
- Start date
- Sort by reaction score
This seems to become an endless and useless conversation. The question is asked, answered and explained by multiple, very knowledge members on macrumors and expert reviews.
Last edited:
Top 3 lies about Malwarebytes perpetuated on this forum
1. Apple uses Malwarebytes
That’s just ridiculous. Apple used to sell other security products in its software store, but never Malwarebytes and it was never recommended to users.
https://support.apple.com/guide/security/protecting-against-malware-sec469d47bd8/web
2. Malwarebytes scans your hard drive for malware.
No, it doesn’t. As proven here https://forums.macrumors.com/threads/how-safe-is-malwarebytes-for-mac.2378702/post-31920399
3. Malwarebytes free protects you from malware
No, it doesn’t. Only the paid “Premium” version has “24/7 real-time protection”, that is supposed to stop malware from being installed.
And that doesn’t seem to protect even the Malwarebytes app from being modified, as seen here https://forums.macrumors.com/threads/malwarebytes.2305923/post-31342099
1. Apple uses Malwarebytes
That’s just ridiculous. Apple used to sell other security products in its software store, but never Malwarebytes and it was never recommended to users.
https://support.apple.com/guide/security/protecting-against-malware-sec469d47bd8/web
2. Malwarebytes scans your hard drive for malware.
No, it doesn’t. As proven here https://forums.macrumors.com/threads/how-safe-is-malwarebytes-for-mac.2378702/post-31920399
3. Malwarebytes free protects you from malware
No, it doesn’t. Only the paid “Premium” version has “24/7 real-time protection”, that is supposed to stop malware from being installed.
And that doesn’t seem to protect even the Malwarebytes app from being modified, as seen here https://forums.macrumors.com/threads/malwarebytes.2305923/post-31342099
(serious question, not trolling)
What does MWB do, then? Do users have to manually drag files and folders to the application to check them for malware? Or is it some sort of network filtering utility? Or something else?
Whether or not they use it internally is unknown. However there are numerous reports of Apple Support asking users to run Malwarebytes.
Unclear from the current documentation, misleadingly titled “Scan your device with Malwarebytes for Mac”
https://support.malwarebytes.com/hc/en-us/articles/360038479334
https://web.archive.org/web/2022092...lwarebytes.com/hc/en-us/articles/360038479334
Probably what it considers to be known locations used by malware.
At the moment, users can not select what to scan with Malwarebytes for Mac
For example, Bitdefender makes clear what it scans when asking for permission (~/, /Library/ and /Applicatios/) and users can also make a custom scan, select a folder to be scanned.
Support is not Apple. Support is mostly handled by call centers in developing countries, where the labor is cheap, staffed with workers that read scripts provided by Apple and probably use Google search for things that are not in the script, in an attempt to score another successful interaction with the customer.
I use the free version of MWB occasionally, so I am naturally interested in finding out if the product is ineffective or deceptive. To make sure I am interpreting your analysis correctly, is this an accurate restatement of your words?
Malwarebytes software does not tell users where on users' disks it performs scans. Malwarebytes software does not allow users to designate specific disk directories, folders, or files to scan. Therefore, Malwarebytes should not claim its software scans devices because users do not have control over what the software scans. But the Malwarebytes software does perform scans for malware in undisclosed areas of users' disks.
Good point I guess.
Thanks for your input.
Sadly bogdanw seems like he has some arguments. His video demonstration (I suppose it's not fake) on the previous page, showing malware being thrown at MB and MB not responding, is a bad sign.
What would you recommend @bogdanw?
It isn't really. Nobody has gone down on @bogdanw's arguments. He has shown in his videos that Malwarebytes doesn't recognise malware. "I've been using Malwarebytes for ages and it's good, trust me" is not a logic argument.
So I ran Bitdefender for a while (not even done a complete scan yet), and it has already found some malware that Malwarebytes didn't find (it was an eBook). That is bad news for MB.
Tomorrow I will also try Intego VirusBarrier Scanner.
Tomorrow I will also try Intego VirusBarrier Scanner.
Yep, including me - Apple Support have directed me to install and use it on 2 different occasions.
Yes to all.
I’m not saying that Malwarebytes is useless or purposely deceiving. It might be useful to disinfect a system that has already been infected. But users should be aware of what it does and what it doesn’t. A false sense of security is as dangerous as malware.
If a user downloads a dmg/pkg installer and thinks “I’ll scan with Malwarebytes before installing”, that scan result doesn’t say anything about the dmg/pkg, because it doesn’t scan it.
As I don’t use such an app on a daily basis, I just test them occasionally, it’s not for me to recommend something.
In my test, Bitdefender Virus Scanner seemed a little to aggressive, identifying as malware Windows executables used by CrossOver. Even if they were malware, it’s unlikely they would have affected macOS, just the Windows apps running in CrossOver.
I usually check the dmg/pkg installers on https://www.virustotal.com/gui/home/upload and use Suspicious Package to inspect what is actually installed https://www.mothersruin.com/software/SuspiciousPackage/
If those recommendations were over e-mail, could you please make them public? (with the necessary privacy modifications, of course)
I would like to ask https://twitter.com/AppleSupport about this.
Thanks for the explanation. This information is important because of the frequently given advice on these forums that the free version of Malwarebytes is the only non-Apple security needed for Macs, as well as the level of trust in the developer required when using MWB.
Going further, what is your view on the built-in macOS malware components? They are even more opaque than Malwarebytes, with independent-developer utilities required to view even basic information such as version update status and completed scans.
I expressed my view on some of Apple’s shortcomings here https://forums.macrumors.com/thread...-recommendations-merged.2346555/post-31855294
More recently, I feel Apple could have done more to inform users about the login items notifications in Ventura. Without understanding what is asked of them, users either approve all blindly, or deny all and end up complaining about apps that no longer work. Or just freak out.
https://forums.macrumors.com/threads/background-items-added-cannot-find-them.2375445/
https://forums.macrumors.com/threads/what-are-pma-and-ecrp.2377085/
https://forums.macrumors.com/threads/want-to-delete-sh-file.2378103/
More useful that Ventura’s notifications is BlockBlock https://objective-see.org/products/blockblock.html
If you are referring to SilentKnight, that is useless. According to Apple’s documentation, “The Mac checks for updates and upgrades about every 6 hours”. What do users of SilentKnight do, start the app every 3 hours? And if the app reports the system is not up to date, what do they do then? Open System Preferences (Settings) – Software Update or trigger it from Terminal (softwareupdate -l). So, if 6 hours is too long, user can just trigger software update as often as they like, no need for a third-party app.
https://support.apple.com/guide/deployment/use-mdm-to-deploy-software-updates-depafd2fad80/web
Not by email and only when connected to the real techs at Apple Cupertino itself (which is 3 layers of escalation from the UK support). In neither case was the issue caused by malware but Apple sorted the underlying issue directly, with bugs fixed in next release or two.
So, macOS bugs were considered malware by engineers in Cupertino and they instructed you to install Malwarebytes?
That's quite a claim without any proof.
If you are referring to SilentKnight, that is useless. According to Apple’s documentation, “The Mac checks for updates and upgrades about every 6 hours”. What do users of SilentKnight do, start the app every 3 hours? And if the app reports the system is not up to date, what do they do then? Open System Preferences (Settings) – Software Update or trigger it from Terminal (softwareupdate -l). So, if 6 hours is too long, user can just trigger software update as often as they like, no need for a third-party app.
https://support.apple.com/guide/deployment/use-mdm-to-deploy-software-updates-depafd2fad80/web
I don't want to start a debate, especially in a thread devoted to Malwarebytes, about various utilities for Macs. I do want to say, though, that I find SilentKnight to be useful. Why?
- My Mac does not use a MDM profile, as discussed in the above link.
- Updates, either batched or singly, can be requested from within SilentKnight.
- I am able to check the status of various macOS security functions without using Terminal or digging around the extremely cluttered and convoluted System Preferences pane.
- I am not a developer. Therefore, I avoid using text commands unless it is absolutely necessary. I prefer pointing and clicking to accomplish tasks. That's why I'm a long time Apple customer.
- SilentKnight's developer does not charge for any of his utilities nor does he sell advertising. As far as I can tell, he simply wants to contribute to the Mac community.
Last edited:
Every Mac checks for updates and upgrades about every 6 hours. Unless the user disables the check either with a profile, as described in the link, or simply from System Preferences - Software Update – Advanced (macOS Monterey and previous), respectively System Settings – General - Software Update – Automatic updates (Ventura).
https://support.apple.com/en-us/HT201541
The current Apple Platform Security (May 2022) states
“Apple issues the updates for XProtect automatically based on the latest threat intelligence available. By default, macOS checks for these updates daily. Notarization updates, which are distributed using CloudKit sync are much more frequent.”
https://support.apple.com/guide/security/protecting-against-malware-sec469d47bd8/web
Users can “View installed background updates” in System Information - Software – Installations
https://support.apple.com/en-us/HT207005
I don’t trust a third-party app to install security updates on my Mac.
Of course, everyone can do whatever they please with their Mac.
No, the install was to rule-out malware.
I don't need your affirmation or provide proof you silly little man. You asked a question and I politely answered it. You burned the bridge of respect, you will now swim alone.
For anybody considering Malwarebytes, here is some important information from the developer that is related to a previous discussion in this thread:
Malwarebytes performs what's called a "quick scan." Rather than scanning the entire hard drive for files that are known to only be installed in specific locations, the scanner targets only items in those specific locations.
Malwarebytes performs what's called a "quick scan." Rather than scanning the entire hard drive for files that are known to only be installed in specific locations, the scanner targets only items in those specific locations.
Claim
“Malwarebytes users are protected against Atomic Stealer
Quarantined items do not pose a threat”
Reality: Atomic Stealer in macOS Sonoma 14.1.1 with Malwarebytes Premiun (trial)
Malwarebytes image from https://www.malwarebytes.com/blog/t...ributed-to-mac-users-via-fake-browser-updates
accessed today 27 November 2023
https://web.archive.org/web/2023112...ributed-to-mac-users-via-fake-browser-updates
“Malwarebytes users are protected against Atomic Stealer
Quarantined items do not pose a threat”
Reality: Atomic Stealer in macOS Sonoma 14.1.1 with Malwarebytes Premiun (trial)
Malwarebytes image from https://www.malwarebytes.com/blog/t...ributed-to-mac-users-via-fake-browser-updates
accessed today 27 November 2023
https://web.archive.org/web/2023112...ributed-to-mac-users-via-fake-browser-updates
Thanks for doing these tests. This is what real consumer protection looks like.
I have this brand new Mac I spent quite some money on, and I’d never install something like Malwarebytes.